package cn.kgc.config;

import cn.kgc.shiro.MyRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.annotation.Resource;



@Configuration
public class ShiroConfig {
    @Resource
    private MyRealm myRealm;

    //配置SecurityManager管理
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager() {
        //1创建defaultWebSecurityManager
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //2创建加密对，设置相关属性
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        //2.1采用md5加密
        matcher.setHashAlgorithmName("md5");
        //2.2采用迭代加密的次数
        matcher.setHashIterations(3);
        //3将加密对象存储到myrealm中
        myRealm.setCredentialsMatcher(matcher);
        //4将myrealm存入到defaultWebSecurityManager对象中
        defaultWebSecurityManager.setRealm(myRealm);
        //4.5设置rememberMe
        defaultWebSecurityManager.setRememberMeManager(rememberMeManager());
        //5返回
        return defaultWebSecurityManager;
    }

    //cookie属性设置
    public SimpleCookie rememberMeCookie(){
        SimpleCookie cookie= new SimpleCookie("rememberMe");
        //设置跨域
        // cookie.setDomain(domain);
        cookie.setPath("/");
        cookie.setHttpOnly(true);
        cookie.setMaxAge(30*24*60*60);
        return cookie;
    }

    //创建Shiro的cookie管理对象
    public CookieRememberMeManager rememberMeManager(){
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        cookieRememberMeManager.setCipherKey("1234567890987654".getBytes());
        return cookieRememberMeManager;
    }

    //配置shiro内置过滤器拦截范围
        @Bean
        public DefaultShiroFilterChainDefinition shiroFilterChainDefinition(){
            DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition();
            //设置不认证可以访问的资源
            definition.addPathDefinition("/user/login","anon");
            definition.addPathDefinition("/user/getAllCourt","anon");
            definition.addPathDefinition("/case/**","anon");
            definition.addPathDefinition("/process/**","anon");
            definition.addPathDefinition("/case/updateStatus1","anon");
            definition.addPathDefinition("/case/updateStatus2","anon");
            definition.addPathDefinition("/collection/getCollection","anon");
            definition.addPathDefinition("/collection/deleteInfo","anon");
            definition.addPathDefinition("/collection/addInfo","anon");
            definition.addPathDefinition("/user/page","anon");
            definition.addPathDefinition("/login","anon");
            definition.addPathDefinition("/echarts/example","anon");
            definition.addPathDefinition("/user/username/**","anon");
            definition.addPathDefinition("/user/username","anon");
            definition.addPathDefinition("/selectdepartment","anon");
            definition.addPathDefinition("/user/GMUser","anon");
            definition.addPathDefinition("/user/add/**","anon");
            definition.addPathDefinition("/user/updateBywordId/**","anon");
            definition.addPathDefinition("/user/updateBywordId","anon");
            definition.addPathDefinition("/user/deleteCuser","anon");
            definition.addPathDefinition("/user/deleteCuser/**","anon");
			definition.addPathDefinition("/adddepartment","anon");
            definition.addPathDefinition("/deletedepartment/**","anon");
            definition.addPathDefinition("/updatedepartment","anon");
            definition.addPathDefinition("/selectdepartmentByName/**","anon");
            definition.addPathDefinition("/selectrole","anon");
            definition.addPathDefinition("/deleterole/**","anon");
            definition.addPathDefinition("/addrole","anon");
            definition.addPathDefinition("/updaterole","anon");
            definition.addPathDefinition("/selectByName/**","anon");
            definition.addPathDefinition("/selectpost","anon");
            definition.addPathDefinition("/deletepost/**","anon");
            definition.addPathDefinition("/addpost","anon");
            definition.addPathDefinition("/updatepost","anon");
            definition.addPathDefinition("/selectPostByName","anon");
            definition.addPathDefinition("/backup/**","anon");
            definition.addPathDefinition("/home/backup/**","anon");
            definition.addPathDefinition("/backup/mysqlBackups/**","anon");
            definition.addPathDefinition("/user/export","anon");

            //设置登出过滤器
            definition.addPathDefinition("/logout","logout");
            //设置需要进行登录认证的拦截范围
            definition.addPathDefinition("/**","authc");
            //添加存在用户的过滤器（rememberMe）
            definition.addPathDefinition("/**","user");
            return definition;

        }
}
